PHP input/output streams

php://stdin, php://stdout
and php://stderr allow access to
the corresponding input or output stream of the PHP process.

php://output allows you to write to the
output buffer mechanism in the same way as
print() and echo().

php://input allows you to read raw POST data.
It is a less memory intensive alternative to
$HTTP_RAW_POST_DATA and does not need any
special php.ini directives.

php://stdin and
php://input are read-only, whereas
php://stdout,
php://stderr and
php://output are write-only.

php://filter is a kind of meta-wrapper designed
to permit the application of filters to a stream at the time of
opening. This is useful with all-in-one file functions such as
readfile(), file(), and
file_get_contents() where there is otherwise
no opportunity to apply a filter to the stream prior the contents
being read.

The php://filter target takes the following
'parameters' as parts of its 'path'.

/resource=<stream to be filtered>
(required) This parameter must be located at
the end of your php://filter specification and
should point to the stream which you want filtered.

<?php/* This is equivalent to simply: readfile("http://www.example.com"); since no filters are actually specified */

readfile("php://filter/resource=http://www.example.com");?>

/read=<filter list to apply to read chain>
(optional) This parameter takes one or more
filternames separated by the pipe character |.

<?php/* This will output the contents of www.example.com entirely in uppercase */readfile("php://filter/read=string.toupper/resource=http://www.example.com");

/* This will do the same as above but will also ROT13 encode it */readfile("php://filter/read=string.toupper|string.rot13/resource=http://www.example.com");?>

/write=<filter list to apply to write chain>
(optional) This parameter takes one or more
filternames separated by the pipe character |.

<?php/* This will filter the string "Hello World" through the rot13 filter, then write to example.txt in the current directory */file_set_contents("php://filter/write=string.rot13/resource=example.txt","Hello World");?>

/<filter list to apply to both chains>
(optional) Any filter lists which are not
prefixed specifically by read= or
write= will be applied to both the read and
write chains (as appropriate).